Short Summary:
The article provides a detailed analysis of PhantomLoader, a malware loader that disguises itself as a legitimate DLL for antivirus software. It is used to deliver a rust-based …
Short Summary:
The article provides a detailed analysis of PhantomLoader, a malware loader that disguises itself as a legitimate DLL for antivirus software. It is used to deliver a rust-based …
Summary: Cisco has issued a security advisory regarding multiple vulnerabilities in its Small Business RV340 series routers, which could allow remote attackers to escalate privileges and execute arbitrary commands. These …
Summary: A critical vulnerability (CVE-2024-45409) in the Ruby-SAML and OmniAuth-SAML libraries has been discovered, allowing attackers to bypass SAML authentication in GitLab’s system. This flaw stems from weaknesses in the …
Summary: A critical local privilege escalation vulnerability (CVE-2024-44193) affecting iTunes version 12.13.2.3 has been disclosed, allowing attackers to gain SYSTEM-level access on Windows systems. Apple has patched the flaw, which …
Summary: A critical vulnerability (CVE-2024-47191) in the OATH-Toolkit’s PAM module exposes systems to root-level exploits during one-time password (OTP) authentication. Discovered by SUSE Security Team members, the flaw allows unprivileged …
Summary: Cybersecurity researchers are alerting organizations about active exploitation attempts of a newly disclosed vulnerability, CVE-2024-45519, in Synacor’s Zimbra Collaboration software. The flaw allows unauthenticated attackers to execute arbitrary commands, …
Summary: Attackers are exploiting CVE-2024-45519, a critical vulnerability in Zimbra that allows unauthorized command execution. Despite patches being available, the exploitation began shortly after a technical write-up and proof of …
Summary: Recent research has revealed that a set of four vulnerabilities in the Common Unix Printing System (CUPS) not only allows for remote code execution but also enables attackers to …
Summary: A critical unauthenticated stored cross-site scripting (XSS) vulnerability has been found in the LiteSpeed Cache plugin for WordPress, affecting over 6 million installations. This flaw allows attackers to potentially …
Summary: DrayTek has patched 14 vulnerabilities across 24 router models, including critical flaws that could lead to remote code execution (RCE) or denial-of-service (DoS). The vulnerabilities were discovered by Forescout …
Summary: A newly discovered zero-day vulnerability (CVE-2024-38200) in Microsoft Office poses significant risks to users by allowing unauthorized access to sensitive authentication data. Security researcher Metin Yunus Kandemir has detailed …
Meow, a ransomware group that emerged in 2022, has gained attention for its unique operational model and rising victim count. It is often linked to Meow Leaks, which …
Summary: Canonical has issued security updates for Ubuntu 16.04 ESM and 18.04 ESM to fix multiple vulnerabilities in Git that could allow attackers to overwrite files, inject configurations, or execute …
Summary: Attackers are exploiting a critical remote code execution vulnerability (CVE-2024-45519) in Zimbra’s SMTP server, prompting urgent patching by affected organizations. The vulnerability allows unauthenticated remote attackers to execute arbitrary …
Summary: A critical vulnerability known as KartLANPwn (CVE-2024-45200) has been discovered in Mario Kart 8 Deluxe, allowing potential remote code execution during multiplayer sessions. The flaw, found in Nintendo’s Pia …
Summary: Security researcher Zach Hanley from Horizon3.ai has disclosed a critical vulnerability (CVE-2024-28987) in SolarWinds Web Help Desk software, which involves hardcoded credentials that could allow unauthorized access to sensitive …
Summary: A researcher has identified a critical decade-old vulnerability rated 9.9 that affects all GNU/Linux systems, potentially allowing attackers to gain complete control over these devices. The flaw is currently …
Summary: DragonForce ransomware is rapidly expanding its Ransomware-as-a-Service (RaaS) operations, posing a significant global threat to businesses through sophisticated double extortion tactics. Companies are urged to enhance their cybersecurity measures …
Summary: Researchers have disclosed a critical use-after-free vulnerability in the Linux kernel, identified as CVE-2024-26808, which affects versions from v5.9 to v6.6. This flaw allows local attackers to escalate privileges, …
UserSec is a pro-Russian hacktivist group that emerged in early 2023, targeting Western governments and critical infrastructure, particularly those affiliated with NATO and Ukraine. Utilizing Telegram for coordination …
Short Summary:
In July 2024, a ReliaQuest customer in the manufacturing sector experienced a data exfiltration attack. The threat actor exploited a Fortinet firewall and used a brute-force attack on …
In light of the escalating frequency and complexity of ransomware attacks, are security leaders confident in their organization’s defenses? According to Group-IB’s Hi-Tech Crime Trends 2023/2024 Report, ransomware will have …
ThreatWire Summary
ThreatWire SummaryThe video discusses recent security incidents involving the Rabbit R1 device, a major supply chain attack on the Polyfill JavaScript library, and a critical vulnerability in …
Summary: Users of VLC media player are urged to update their software due to a critical vulnerability (CVE-2024-46461) that could allow attackers to crash the program or execute arbitrary code. …
In March 2024, Elastic Security Labs uncovered a sophisticated Linux malware campaign targeting vulnerable servers. The attackers exploited an Apache2 web server to gain initial access and deployed …
Short Summary:
In the first half of 2024, Darktrace Threat Research observed multiple cyber attack campaigns targeting vulnerabilities in internet-facing systems, particularly focusing on Fortinet’s FortiClient EMS. A critical SQL …
Summary: TeamViewer has disclosed two critical vulnerabilities, CVE-2024-7479 and CVE-2024-7481, affecting its Remote Client and Remote Host products for Windows, both rated with a CVSS score of 8.8. These vulnerabilities …
Summary: Pure Storage has issued a critical security advisory regarding multiple high-severity vulnerabilities in its FlashArray and FlashBlade storage systems, some rated with a maximum CVSS score of 10. These …
Summary: A critical vulnerability (CVE-2024-7120) in RAISECOM Gateway devices allows remote attackers to execute arbitrary commands, posing a severe threat to enterprise security. Exploitation of this flaw has been actively …
Summary: pgAdmin has issued an urgent security update to address a critical vulnerability (CVE-2024-9014) in versions 8.11 and earlier, which could allow attackers to compromise user data through OAuth2 authentication. …
Summary: A critical security flaw (CVE-2024-7490) in the Microchip Advanced Software Framework (ASF) could allow remote code execution due to a stack-based overflow vulnerability. Additionally, a severe zero-click vulnerability (CVE-2024-20017) …
Summary: A critical vulnerability (CVE-2024-41721) has been identified in FreeBSD’s bhyve hypervisor, specifically in its USB emulation functionality, with a high CVSS score of 9.8. This flaw could allow malicious …
Summary: A sophisticated phishing campaign has been identified that distributes Lumma Stealer malware through deceptive human verification pages targeting Windows users. This method leverages clipboard manipulation and PowerShell commands to …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several high-risk vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including critical remote code execution flaws in Oracle products …
Summary: Researchers have disclosed a critical authentication bypass vulnerability, CVE-2024-45488, in One Identity’s Safeguard for Privileged Passwords (SPP), potentially allowing attackers full administrative access. The vulnerability arises from a hard-coded …
Short Summary:
Check Point Research has uncovered a new attack vector where threat actors exploit Windows Internet Shortcut files (.url) to lure users into executing remote code. By utilizing the …
Short Summary:
Just Evil is a pro-Russian cyber threat group formed in January 2024 by KillMilk, following internal changes within KillNet. The group aims to maintain an ideological mission while …
Summary: Cybersecurity researchers at Darktrace have reported on the exploitation of Fortinet’s FortiClient Endpoint Management Server (EMS) through a critical SQL injection vulnerability (CVE-2023-48788), allowing attackers to gain unauthorized access …
Summary: Microsoft has updated its security advisory to classify CVE-2024-37985 as a zero-day vulnerability, which poses a medium-level threat to Windows systems by allowing unauthorized access to sensitive heap memory. …
Summary: Broadcom has released critical updates to address a severe security vulnerability in VMware vCenter Server that could allow remote code execution. The flaws, identified as CVE-2024-38812 and CVE-2024-38813, were …
Summary: A critical vulnerability (CVE-2024-40711) in Veeam’s Backup & Replication software has been disclosed, allowing unauthenticated remote code execution with a CVSS score of 9.8, posing significant risks to enterprise …
Summary: GitLab has released an urgent security update to address a critical vulnerability (CVE-2024-45409) affecting both Community and Enterprise Editions, which poses a severe risk by allowing unauthenticated attackers to …
Short Summary:
A new method of distributing Lumma Stealer malware has been identified, targeting Windows users through deceptive human verification pages. This technique, discovered by Unit42 at Palo Alto Networks, …
The Summer Intelligence Insights report by Securonix Threat Labs highlights significant cyber threats identified over the last three months, including phishing campaigns, cyber-espionage efforts, and ransomware attacks. The …
CISA has added critical vulnerabilities affecting Microsoft Windows MSHTML Platform (CVE-2024-43461) and Progress WhatsUp Gold (CVE-2024-6670) to its Known Exploited Vulnerabilities catalog. Users are urged to update affected …
CISA has added critical vulnerabilities affecting Microsoft Windows MSHTML Platform (CVE-2024-43461) and Progress WhatsUp Gold (CVE-2024-6670) to its Known Exploited Vulnerabilities catalog. Users are urged to update affected …